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DETAILED ACTION 

1 . Claims 39-40, 44-47, 49-62, 64-68 and 70-74 Pending. 
Claims 1-38, 41-43, 48, 63, and 69 Canceled. 

Response to Arguments 

2. Applicant's arguments filed 12/01/2008 have been fully considered but they are 
not persuasive. 

As per Applicants arguments asserting that Elsey fails to disclose the limitation of 
a "temporary current status of the user", Examiner respectfully disagrees. Examiner 
notes that the cited passage of Elsey cited by Applicant (Column 4, Lines 10-25) clearly 
discloses that the directory/database has at least two access levels/roles (e.g. read only 
and administrator) states that the a directory/database owner is able to assign roles to 
users. This disclosure, when combined with other portions of Elsey cited in the 
rejection, specifically the citations from Column 4 (e.g. Column 4, Lines 28-35, cited 
regarding Claim 64 and Column 4, Lines 63-66 cited regarding Claims 66) clearly 
indicates that roles exist (Column 4, Lines 10-25), multiple roles may be created 
Column 4, Lines 28-35), users may be assigned to roles (Column 4, Lines 28-35), and 
the roles of the users may be altered by the administrator (Column 4, Lines 10-25). 
Examiner strongly asserts that if an administrator has the capability to change the role 
of a user then the role is temporary. In order for a role to be considered non-temporary 
(i.e. permanent), a system must disallow the reassignment of a user to a different role or 
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level of access. As this is not the case in the system of Elsey, and as the above 
referenced disclosure of Elsey clearly indicates that user roles may be created, 
assigned, and changed by an administrator, the roles of Elsey are considered to be 
temporary and the disclosure of Elsey is considered to be anticipatory of the limitation of 
"a temporary current status of the user". 

As per Applicants arguments regarding the newly introduced Claims 71-74, 
Examiner respectfully disagrees. Examiner asserts that the newly introduces limitations 
are disclosed in the newly cited art of Thomas ("Team-based access control (TMAC): a 
primitive for applying role-based access controls in collaborative environments", 
Proceedings of the second ACM workshop on Role-based access control; Pgs. 13-19; 
1997; ACM). The disclosure of Thomas on Page 18, Column 1, clearly indicates that 
roles in a role based access control system are changed in response to events (e.g. the 
transfer of a patient), that these role transfer operations may be done on a group or 
user based granularity, and that the role transfer operations may be automated to occur 
automatically in response to changes in the host information system. Examiner asserts 
that this disclosure is sufficient, when taken in combination with the disclosure of Elsey, 
to allow the system of Elsey to grant the access and temporary role to a user for the 
duration of a live communication/telephone call between the user and a customer. 

As per the above arguments the rejection will be updated to reflect amendments 
made to the claims and maintained. 
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Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

4. Claims 64-68 and 70-72 rejected under 35 U.S.C. 1 02(e) as being anticipated by 
Elseyetal. (US 6,870,921 B1). 



As per claim 64 Elsey et al. is directed to a method comprising: managing a 
multi-tenant database (column 4, lines 2-4), wherein the multi-tenant database comprises a 
partitionable database (column 4, lines 2-3), the partitionable database comprises a 

plurality Of virtual databases (column 4, lines 2-4, wherein "virtual database" could mean "private 
directory"; column 4, lines 9- 16), each of the virtual databases has an owner tenant among 
tenants of the multi-tenant database (column 5, lines 21-22), each of the virtual databases 
comprises multiple associated groups of data (column 4, lines 9-1 1), and the managing 
comprises: setting access privileges for the groups of data in each of the virtual 
databases based at least in part on the owner tenant of the virtual database (column 4, 
lines 16-18; column 4, lines 28-35); and for each of multiple requests by a user to one of the 
groups of data in one of the virtual databases (column 4, lines 31-32), determining whether 
to grant access to the user for the requested data group based at least in part on a 
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relationship of the user to the owner tenant of the virtual database that comprises the 

requested data group (column 2, lines 45-47; column 4, lines 19-20; column 4, lines 28-35); when 

the relationship of the user to the owner tenant is determined to be an employee 
relationship, granting access to the user for the requested data group (column 4, lines 28- 
35); and when the relationship of the user to the owner tenant is not determined to be an 
employee relationship, granting temporary access to the user for the requested data 
group only when a customer of the owner tenant is determined to have provided access 
authorization to the user for that requested data group (column 4, lines 16-24). 

As per claim 65 Elsey et al. is directed to each of the groups of data is a file 
stored in the multi-tenant database (column 4, lines 2-3). 

As per claim 66 Elsey et al. is directed to wherein the method is performed by a 
database operator, and the database operator is other than the tenants (column 4, lines 63- 

66). 

As per claim 67 Elsey et al. is directed to at least some of the requests for groups 
of data by users are received for users that are representatives of the database 
operator and are based on a contact to the users that is initiated by the tenants that own 
the virtual databases associated with the requested groups of data, and wherein the 
access authorizations for those users are determined to have been provided by those 
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owner tenants based on the initiated contact by those tenants (column 4, lines 16-22; 
column 4, lines 28-33). 

As per claim 68 Elsey et al. is directed to the relationship of a user to an owner 
tenant is not determined to be an employee relationship and the owner tenant is 
determined to have provided access authorization to the user for a data group in the 
virtual database for that tenant, granting access to the user to other data groups in that 
virtual databases (column 4, lines 16-24), wherein The granting access is based on that 
providing of the access authorization (column 4, lines 16-24). 

As per claim 70 Elsey et al. is directed to when the relationship of a user to an 
owner tenant is not determined to be an employee relationship and the owner tenant is 
determined to have provided access authorization to the user for a data group in the 
virtual database for that tenant, the access granted to that user is based on a current 

role Of the user (column 4, lines 16-23; column 4, lines 30-31, wherein "role" depends on "level of 
access"). 
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Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 39-40, 44-47, and 49-62 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Elsey et al. (US 6,870,921 B1 ). 

As per claim 39 Elsey et al. is directed a database system comprising: a 
partitionable database (column 2, lines 16-17), wherein the partitionable database is 
partitioned into a plurality Of virtual databases (column 4, lines 2-3, wherein "virtual database" 
could mean "private directory"), and each virtual database of the plurality of virtual databases 
corresponds to a tenant of the partitionable database in such a manner that a 
partitioned virtual database for a tenant comprises stored files associated with the 
tenant (column 4, lines 9-16); and an access control subsystem (column 4, lines 16-22), 
wherein the access control subsystem is coupled to the virtual databases (column 4, lines 
16- 22), and the access control subsystem is configured to provide access to files in a 
virtual database of the plurality of virtual databases to a user only when the user has 
access authorization to the virtual database from a tenant corresponding to the virtual 
database (column 4, lines 16-22), wherein the access authorization is based at least in part 
on a temporary current status of the user (Column 4, Lines 10-25). 
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Elsey et al. does not explicitly teach each virtual database of the virtual 
databases of the partitionable database of the database system comprises a plurality of 
files. 

Elsey et al. teaches that each private directory contains information tailored to 
the needs of an individual or corporation (column 4, lines 9-1 1). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made interpret Elsey et al. to having support for private directories 
containing plurality of distinct information because it is well known in the art that 
directories hold files of distinct information. 

As per claim 40 Elsey et al. as modified is directed to the virtual databases are 
disjoint from one another (column 4, lines 9-16, wherein the information stored may contain different 
elements). 

As per claim 44 Elsey et al. as modified is directed to the access control 
subsystem is configured to provide access authorization to the user for particular file in 
the virtual database based on initiation of a database call through an associated 
computer telephony integration (CTI) system by a customer of the tenant who owns the 
virtual database of the virtual databases comprising the particular file (column 5, lines 20- 

22). 
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As per claim 45 Elsey et al. as modified is directed to an operator of the 
partitionable database provides common call center service to customers of tenants of 
the partitionable database on behalf of the tenants (column 10, lines 20-26). 

As per claim 46 Elsey et al. as modified is directed to a method comprising: 
managing a database system (column 4, lines 2-3), comprising: granting access 
authorization to a user for one virtual database of a virtual databases by an owner of the 

one virtual database (column 4, lines 2-3, wherein "virtual database" could mean "private directory"; 
column 4, lines 9-16), wherein the access authorization is based at least in part on a 
temporary current role of the user (Column 4, Lines 10-25), the database system comprises 
a partitionable database (column 4, lines 2-3), the partitionable database comprises the 
plurality of virtual databases (column 4-iines 2-3), and each of the virtual databases has a 
unique database owner (column 5, lines 21-22); and providing to the user access to a file of 
the files in the one virtual database after the user has been granted the access 

authorization (column 4, lines 16-22). 

Elsey et al. does not explicitly teach each virtual database of the virtual 
databases of the partitionable database of the database system comprises a plurality of 
files. 

Elsey et al. teaches that each private directory contains information tailored to 
the needs of an individual or corporation. 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made interpret Elsey et al. to having support for private directories 
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containing plurality of distinct information because it is well known in the art that 
directories hold files of distinct information. 

As per claim 47 Elsey et al. as modified directed to wherein the virtual databases 

are disjoint virtual databases (column 4, lines 9-16, wherein the information stored may contain 
different elements). 

As per claim 49 Elsey et al. as modified directed to the user needs authorization 
from an owner of a file within the one virtual database to access that file, the method 
comprising providing access to the file to the user after the owner of the file grants 
authorization (column 4, lines 11-16; column 4, lines 19-24; column 4, lines 30-33). 

As per claim 50 Elsey et al. as modified directed to before the providing of the 
access to the file, receiving access authorization to the file for the user from the owner 

Of the file (column 4, lines 16-22; column 4, lines 30-33). 

As per claim 51 Elsey et al. as modified directed to the receiving of the access 
authorization to the file comprises initiation by a customer of the owner of the file of a 
database call to the user through an associated computer telephony integration (CTI) 

system (column 4, lines 38-59). 
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As per claim 52 Elsey et al. as modified is directed to wherein the database is a 
multi-tenant database having a plurality of tenants, each tenant of the tenants being an 
owner of a separate virtual database, at least two of the tenants utilizing a common call 

center service (column 4, lines 2-3; column 4, lines 9-12; column 4, lines 26-28; column 4, lines 38-51). 

As per claim 53 Elsey et al. as modified is directed to wherein the partitionable 
database stores a plurality of files that are each associated with one of a plurality of 
unique database owners such that the virtual databases each comprises the stored files 
associated with the owner of the virtual database (column 4, lines 2-3; column 4, lines 9-16). 

As per claim 54 Elsey et al. as modified is directed to the partitionable database 
is operated by a database operator on behalf of the owners of the virtual databases as 

tenants Of the partitionable database (column 2, lines 20-25; column 4, lines 46-47, wherein the 
subscriber needs a service that is operated by an operator). 

As per claim 55 Elsey et al. as modified is directed to each of the tenants lease 
capacity of the partitionable database from the database operator (column 4, lines 36- 38, 

wherein the subscriber or tenant needs a service that is operated by an operator). 

As per claim 56 Elsey et al. as modified is directed to wherein the granting the 
access authorization to the user for the one virtual database is initiated by a telephone 
call from a customer of an the owner of the one virtual database through a computer 
telephony integration (CTI) system (column 4, lines 38-44). 
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As per claim 57 Elsey et al. as modified is directed to wherein the user is a 
representative of an organization providing a service to the owner of the one virtual 
database (column 4, lines 30-33). 

As per claim 58 Elsey et al. as modified is directed to providing access to the 
user to files in other virtual databases after the user is granted authorization from the 
owners of the other virtual databases (column 4, lines 16-20; column 6, lines 3-4). 

As per claim 59 Elsey et al. as modified is directed to wherein the access 
provided to the user is temporary access limited to a duration of the telephone call 
(column 5, line 32; column 5, line 56; wherein the "duration" is the time between log in and log out). 

As per claim 60 Elsey et al. as modified is directed to wherein the telephone call 
is made regarding the file, the method comprising automatically providing access to the 
user to other files in the one virtual database based on the telephone call (column 10, lines 

20-25; column 10, lines 35-37). 

As per claim 61 Elsey et al. as modified is directed to the computer telephony 
integration (CTI) system is part of a call center service common to the owners of the 
virtual databases (column 4, lines 38-44; column 10, lines 20-26). 
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As per claim 62 Elsey et al. as modified is directed to wherein the providing the 
access is based at least in part on the user receiving the telephone call via the CTI 

system (column 4, lines 38-44). 

7. Claims 71-74 rejected under 35 U.S.C. 103(a) as being unpatentable over Elsey 
in view of Thomas. 

As per Claim 71 , Elsey fails to disclose the temporary access granted to the user 
is limited to a duration of a live communication between the user and the customer of 
the owner tenant. 

Thomas discloses the temporary access granted to the user is limited to a 
duration of a live communication between the user and the customer of the owner 

tenant (Page 18, Column 1, wherein the permissions may be deactivated at the end of a workflow 
instance.). 

It would have been obvious to one skilled in the art at the time of Applicants 
invention to modify the teachings of Elsey with the teachings of Thomas to include the 
temporary access granted to the user is limited to a duration of a live communication 
between the user and the customer of the owner tenant with the motivation to 
distinguish the passive concept of permission assignment from the active concept of 
context-based permission activation (Thomas, Abstract). 
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As per Claim 72, Elsey fails to disclose the temporary access granted to the user 
is limited to a duration of a telephone call between the user and the customer of the 
owner tenant . 

Thomas discloses the temporary access granted to the user is limited to a 
duration of a telephone call between the user and the customer of the owner tenant 

(Page 18, Column 1, wherein the permissions may be deactivated at the end of a workflow instance.). 

It would have been obvious to one skilled in the art at the time of Applicants 
invention to modify the teachings of Elsey with the teachings of Thomas to include the 
temporary access granted to the user is limited to a duration of a telephone call 
between the user and the customer of the owner tenant with the motivation to 
distinguish the passive concept of permission assignment from the active concept of 
context-based permission activation (Thomas, Abstract). 

As per Claim 73, Elsey fails to disclose the access authorization and the 
temporary current status of the user are limited to a duration of a live communication 
between the user and a customer of the tenant corresponding to the virtual database. 

Thomas discloses the access authorization and the temporary current status of 
the user are limited to a duration of a live communication between the user and a 
customer of the tenant corresponding to the virtual database (Page 18, Column 1, wherein 

the permissions may be deactivated at the end of a workflow instance. Examiner notes that the 
permissions denote a current status/role). 
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It would have been obvious to one skilled in the art at the time of Applicants 
invention to modify the teachings of Elsey with the teachings of Thomas to include the 
access authorization and the temporary current status of the user are limited to a 
duration of a live communication between the user and a customer of the tenant 
corresponding to the virtual database with the motivation to distinguish the passive 
concept of permission assignment from the active concept of context-based permission 
activation (Thomas, Abstract). 

As per Claim 74, Elsey fails to disclose the user access and the temporary 
current role of the user are limited to a duration of a live communication between the 
user and a customer of the owner of the one virtual database. 

Thomas discloses the user access and the temporary current role of the user are 
limited to a duration of a live communication between the user and a customer of the 

Owner Of the one virtual database (Page 18, Column 1, wherein the permissions may be 
deactivated at the end of a workflow instance. Examiner notes that the permissions denote a current 
status/role). 

It would have been obvious to one skilled in the art at the time of Applicants 
invention to modify the teachings of Elsey with the teachings of Thomas to include the 
user access and the temporary current role of the user are limited to a duration of a live 
communication between the user and a customer of the owner of the one virtual 
database with the motivation to distinguish the passive concept of permission 
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assignment from the active concept of context-based permission activation (Thomas, 
Abstract). 

8. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Points of Contact 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Michael J. Hicks whose telephone number is (571) 272- 
2670. The examiner can normally be reached on Monday - Friday 9:00a - 5:30p. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Christian Chace can be reached on (571) 272-4190. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Michael J Hicks 
Art Unit 2165 
Phone: (571)272-2670 
Fax: (571)273-2670 



/Christian P. Chace/ 

Supervisory Patent Examiner, Art Unit 2165 



